IT Security Blog

Data encoding in the shell is a quick and reliable method to parse input in one type of format to format of another type. This could be done in order to determine how an application has converted input, or to…

It was the best of security, it was the worst of security. This story is not about Citibank, nor London or Paris for that matter, but two anonymous regional financial institutions that characterize an interesting aspect of security. Their IT…

ActiveX seems to be getting some bad press once again, as its the target of recent exploits. From SANS: "Microsoft mentions that they are aware of active exploits against this vulnerability, although we at the SANS Internet Storm Center haven't…

Security Review Site Really a Front for a Security Consulting Company? The security space is a very interesting arena. For the customer, it's often very difficult to separate fact from fiction in many aspects. There are security companies that sell…

Sed, Grep and Awk are true *nix tools, known for their awkward names and equally awkward syntax. They represent the most immediate access to Regular Expressions (REs) which are themselves worthy of knowledge. Even their attempted replacement, Perl, is also…

While Nessus is a wonderful vulnerability scanner, sometimes it is too slow and resource heavy for individual issues. The following 2 equivalent scripts perform checks for the following SSL related Nessus plugins: 20007: SSL Version 2 (v2) Protocol Detection 26928:…

SNMP, or Simple Network Management Protocol, has been the go-to management protocol of choice for years. As its name declares, it is a simple and efficient way to monitor hosts. Most everything is SNMP capable these days, from servers to…

With an over 15-year successful track record, Redspin is one of the most trusted cyber security names in the industry. Our proven real-world approach has been applied and refined throughout 1000's of security assessments, giving you the best possible return on your investment.

Our world-class award winning security engineering team is on the front lines every day, ensuring our clients are protected from the latest 'in-the-wild' threats and exploits.